Paper Info
Title
Attack and Fault Detection in Process Control Communication Using Unsupervised Machine Learning
Abstract
In the course of industrial digitalization, the security of process control networks and especially critical infrastructures has become a major issue that requires novel methods to achieve a multi-level protection. An important feature of this protection is a protocol-specific monitoring within the process control networks that identifies faults and attacks which already have overcome the firewall protection. For a wide-spread application in various sites, this monitoring must be self-adaptive to the different traffic characteristics of the respective networks. Protocol knowledge combined with unsupervised machine learning algorithms can leverage this task. In this paper we present the latest results of applying two machine learning methods on real-world traffic datasets from two plant process control networks. The results for different mappings of the considered packet features are discussed in terms of f-score, precision, and recall. They demonstrate the high potential of using unsupervised learning for training anomaly detectors to identify intrusions in industrial networks.
Year
DOI
Venue
2018
10.1109/INDIN.2018.8472054
2018 IEEE 16th International Conference on Industrial Informatics (INDIN)
Keywords
Field
DocType
industrial communication,process control,network security,anomaly detection,unsupervised learning
Firewall (construction),Fault detection and isolation,Work in process,Network packet,Real-time computing,Feature extraction,Unsupervised learning,Process control,Artificial intelligence,Engineering,Machine learning
Conference
ISSN
ISBN
Citations 
1935-4576
978-1-5386-4830-8
0
PageRank 
References 
Authors
0.34
5
4
Name
Order
Citations
PageRank
Franka Schuster1202.98
Fabian Malte Kopp200.34
Andreas Paul3182.59
Hartmut König438476.64